Bezpieczeństwo sieci
Bezpieczeństwo sieci komputerowych jest aktualnie ważnym, lecz coraz bardziej skomplikowanym zagadnieniem. Książki zebrane w tej kategorii przedstawiają praktycznie wszystkie jego aspekty. Nauczycie się implementacji bezpiecznych połączeń z wykorzystaniem szeregu różnych protokołów sieciowych, a także wykorzystywać protokół SSH do pracy na zdalnych systemach.
Opanujecie ponadto umiejętność konfiguracji tuneli VPN z wykorzystaniem protokołów SSL i IPSec. Dzięki wiedzy zawartej w tym dziale, nauczycie się skutecznie bronić przed włamaniami, atakami DDoS czy działaniom typu IP-spoofing.
Mustafa Toroman
Decyzja o przeniesieniu zasobów informatycznych do chmury jest podejmowana najczęściej wtedy, gdy niezawodność i bezpieczeństwo systemu są dla firmy sprawą kluczową. Jeśli chodzi o rozwiązania oparte na chmurze obliczeniowej, warto zainteresować się Azure. Azure udostępnia takie usługi, by umożliwić rozbudowę i monitorowanie aplikacji, baz danych czy innych usług oraz zarządzanie nimi w sposób globalny. Pozwala na ciągłe dostarczanie znakomitych, innowacyjnych rozwiązań. Umożliwia wirtualizację rozmaitych systemów, takich jak Windows, Linux, dystrybucje serwerowe, strony WWW, aplikacje ASP .NET, systemy CMS, bazy danych czy rozproszone klastry obliczeniowe. Oto praktyczne wprowadzenie do Azure. Wyjaśniono tu wiele pojęć potrzebnych w pracy administratora, takich jak sieci wirtualne oraz koncepcja IaaS. Omówiono zasady pracy z Azure oraz pokazano, jak można przygotować platformę do wdrożenia własnego systemu. Od strony praktycznej przedstawiono tworzenie zaawansowanych usług w platformie Azure. Sporo miejsca poświęcono najważniejszym kwestiom bezpieczeństwa i administracji, zaprezentowano też szereg dobrych praktyk, a także sporo technik ułatwiających rozwiązywanie najczęstszych problemów. Książka jest napisana w zwięzły i przystępny sposób. Dzięki niej szybko i skutecznie zaczniesz administrować zasobami w chmurze Azure. W tej książce między innymi: podstawowe pojęcia, koncepcje i modele związane z chmurą obliczeniową tworzenie i konfiguracja wirtualnej maszyny Azure praca z bazami danych, usługi IaaS i PaaS usługi hybrydowe, implementacja i zarządzanie tożsamość i bezpieczeństwo zasobów w chmurze Azure Chmura Azure: przenieś swój system na wyższy poziom!
CHROŃ I ROZWIJAJ BIZNES - CYBER AI Część 1 Wykorzystanie AI w bezpieczeństwie organizacji
Dariusz Gołębiowski
Masz firmę, fundację, albo inną organizację, którą chcesz ochronić przed cyberzagrożeniami? Świetnie, bo właśnie trzymasz wirtualną broń do walki z cyfrowymi złoczyńcami! Pierwsza część serii "CHROŃ I ROZWIJAJ BIZNES - CYBER AI" to Twoje kompendium wiedzy o tym, jak nie tylko wywinąć się z rąk hakerów, ale też sprytnie wdrożyć sztuczną inteligencję, która pomoże Ci spać spokojnie... no, przynajmniej dopóki AI nie zacznie przejmować kontroli nad światem. 😉 W tej książce dowiesz się, dlaczego malware to coś więcej niż problem komputera wujka Janka, jak unikać pułapek phishingowych, które są bardziej podstępne niż zaproszenie na "darmową pizzę", oraz dlaczego dyrektywa NIS 2 nie jest tylko kolejnym nudnym prawniczym dokumentem, który gdzieś tam podpisano. A teraz najlepsza część: sztuczna inteligencja (tak, ta od filmów sci-fi!) może być Twoim najlepszym przyjacielem w walce z zagrożeniami. Dzięki AI Twój system zabezpieczeń będzie niczym Sherlock Holmes, który znajdzie każdą podejrzaną aktywność, zanim jeszcze pomyślisz o kawie. W książce znajdziesz konkretne przykłady, jak AI może ochronić Twoje dane, monitorować pracowników (bez robienia z tego kolejnego odcinka live-streaam badziewnych seriali dla samotnych ludzi) i automatyzować reakcje na zagrożenia. Jeśli myślisz, że to koniec... to niespodzianka! Druga część serii, zaplanowana na przyszły rok, będzie o tym, jak sztuczna inteligencja nie tylko ochroni Twoją organizację, ale także pomoże Ci ją rozwijać - kto wie, może nawet stworzy dla Ciebie plan na podbój świata (w granicach prawa, oczywiście). Nie przegap okazji, żeby zabezpieczyć swój biznes przed zagrożeniami, które krążą w sieci szybciej niż memy z kotami. Zrób to z uśmiechem i nutą technologicznej magii!
Hemang Doshi
With the latest updates and revised study material, this second edition of the Certified Information Systems Auditor Study Guide provides an excellent starting point for your CISA certification preparation. The book strengthens your grip on the core concepts through a three-step approach. First, it presents the fundamentals with easy-to-understand theoretical explanations. Next, it provides a list of key aspects that are crucial from the CISA exam perspective, ensuring you focus on important pointers for the exam. Finally, the book makes you an expert in specific topics by engaging you with self-assessment questions designed to align with the exam format, challenging you to apply your knowledge and sharpen your understanding.Moreover, the book comes with lifetime access to supplementary resources on an online platform, including CISA flashcards, practice questions, and valuable exam tips. With unlimited access to the website, you’ll have the flexibility to practice as many times as you desire, maximizing your exam readiness.By the end of this book, you’ll have developed the proficiency to successfully obtain the CISA certification and significantly upgrade your auditing career.
Hemang Doshi, Javen Khoo Ai Wee
Following on from the success of its bestselling predecessor, this third edition of the CISA - Certified Information Systems Auditor Study Guide serves as your go-to resource for acing the CISA exam. Written by renowned CISA expert Hemang Doshi, this guide equips you with practical skills and in-depth knowledge to excel in information systems auditing, setting the foundation for a thriving career.Fully updated to align with the 28th edition of the CISA Official Review Manual, this guide covers the latest exam objectives and provides a deep dive into essential IT auditing areas, including IT governance, systems development, and asset protection. The book follows a structured, three-step approach to solidify your understanding. First, it breaks down the fundamentals with clear, concise explanations. Then, it highlights critical exam-focused points to ensure you concentrate on key areas. Finally, it challenges you with self-assessment questions that reflect the exam format, helping you assess your knowledge.Additionally, you’ll gain access to online resources, including mock exams, interactive flashcards, and invaluable exam tips, ensuring you’re fully prepared for the exam with unlimited practice opportunities.By the end of this guide, you’ll be ready to pass the CISA exam with confidence and advance your career in auditing.
Glen D. Singh
Achieving the Cisco Certified CyberOps Associate 200-201 certification helps you to kickstart your career in cybersecurity operations. This book offers up-to-date coverage of 200-201 exam resources to fully equip you to pass on your first attempt.The book covers the essentials of network security concepts and shows you how to perform security threat monitoring. You'll begin by gaining an in-depth understanding of cryptography and exploring the methodology for performing both host and network-based intrusion analysis. Next, you'll learn about the importance of implementing security management and incident response strategies in an enterprise organization. As you advance, you'll see why implementing defenses is necessary by taking an in-depth approach, and then perform security monitoring and packet analysis on a network. You'll also discover the need for computer forensics and get to grips with the components used to identify network intrusions. Finally, the book will not only help you to learn the theory but also enable you to gain much-needed practical experience for the cybersecurity industry.By the end of this Cisco cybersecurity book, you'll have covered everything you need to pass the Cisco Certified CyberOps Associate 200-201 certification exam, and have a handy, on-the-job desktop reference guide.
M. L. Srinivasan
Certified Information Systems Security Professional (CISSP) is an internationally recognized and coveted qualification. Success in this respected exam opens the door to your dream job as a security expert with an eye-catching salary. But passing the final exam is challenging. Every year a lot of candidates do not prepare sufficiently for the examination, and fail at the final stage. This happens when they cover everything but do not revise properly and hence lack confidence.This simple yet informative book will take you through the final weeks before the exam with a day-by-day plan covering all of the exam topics. It will build your confidence and enable you to crack the Gold Standard exam, knowing that you have done all you can to prepare for the big day.This book provides concise explanations of important concepts in all 10 domains of the CISSP Common Body of Knowledge (CBK). Starting with Confidentiality, Integrity, and Availability, you will focus on classifying information and supporting assets. You will understand data handling requirements for sensitive information before gradually moving on to using secure design principles while implementing and managing engineering processes. You will understand the application of cryptography in communication security and prevent or mitigate strategies for network attacks. You will also learn security control requirements and how to assess their effectiveness. Finally, you will explore advanced topics such as automated and manual test result analysis and reporting methods.A complete mock test is included at the end to evaluate whether you're ready for the exam. This book is not a replacement for full study guides; instead, it builds on and reemphasizes concepts learned from them.
Ted Jordan
The CISSP exam is for security professionals who understand that poor security can put a company out of business. The exam covers eight important security domains - risk management, security architecture, data security, network security, identity management, auditing, security operations, and software development security. Designed to cover all the concepts tested in the CISSP exam, CISSP (ISC)2 Certification Practice Exams and Tests will assess your knowledge of information security and introduce you to the tools you need to master to pass the CISSP exam (version May 2021). With more than 100 questions for every CISSP domain, this book will test your understanding and fill the gaps in your knowledge with the help of descriptive answers and detailed explanations. You'll also find two complete practice exams that simulate the real CISSP exam, along with answers. By the end of this book, you'll be ready to take and pass the (ISC)2 CISSP exam and achieve the Certified Information Systems Security Professional certification putting you in the position to build a career as a security engineer, security manager, or chief information security officer (CISO)
Shinesa Cambric, Michael Ratemo
As more and more companies are moving to cloud and multi-cloud environments, being able to assess the compliance of these environments properly is becoming more important. But in this fast-moving domain, getting the most up-to-date information is a challenge—so where do you turn?Cloud Auditing Best Practices has all the information you’ll need. With an explanation of the fundamental concepts and hands-on walk-throughs of the three big cloud players, this book will get you up to speed with cloud auditing before you know it.After a quick introduction to cloud architecture and an understanding of the importance of performing cloud control assessments, you’ll quickly get to grips with navigating AWS, Azure, and GCP cloud environments. As you explore the vital role an IT auditor plays in any company’s network, you'll learn how to successfully build cloud IT auditing programs, including using standard tools such as Terraform, Azure Automation, AWS Policy Sentry, and many more.You’ll also get plenty of tips and tricks for preparing an effective and advanced audit and understanding how to monitor and assess cloud environments using standard tools.By the end of this book, you will be able to confidently apply and assess security controls for AWS, Azure, and GCP, allowing you to independently and effectively confirm compliance in the cloud.
Ganesh Ramakrishnan, Mansoor Haqanee
As organizations embrace cloud-centric environments, it becomes imperative for security professionals to master the skills of effective cloud investigation. Cloud Forensics Demystified addresses this pressing need, explaining how to use cloud-native tools and logs together with traditional digital forensic techniques for a thorough cloud investigation. The book begins by giving you an overview of cloud services, followed by a detailed exploration of the tools and techniques used to investigate popular cloud platforms such as Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP). Progressing through the chapters, you’ll learn how to investigate Microsoft 365, Google Workspace, and containerized environments such as Kubernetes. Throughout, the chapters emphasize the significance of the cloud, explaining which tools and logs need to be enabled for investigative purposes and demonstrating how to integrate them with traditional digital forensic tools and techniques to respond to cloud security incidents. By the end of this book, you’ll be well-equipped to handle security breaches in cloud-based environments and have a comprehensive understanding of the essential cloud-based logs vital to your investigations. This knowledge will enable you to swiftly acquire and scrutinize artifacts of interest in cloud security incidents.
Cloud Penetration Testing. Learn how to effectively pentest AWS, Azure, and GCP applications
Kim Crawley
With AWS, Azure, and GCP gaining prominence, understanding their unique features, ecosystems, and penetration testing protocols has become an indispensable skill, which is precisely what this pentesting guide for cloud platforms will help you achieve. As you navigate through the chapters, you’ll explore the intricacies of cloud security testing and gain valuable insights into how pentesters evaluate cloud environments effectively.In addition to its coverage of these cloud platforms, the book also guides you through modern methodologies for testing containerization technologies such as Docker and Kubernetes, which are fast becoming staples in the cloud ecosystem. Additionally, it places extended focus on penetration testing AWS, Azure, and GCP through serverless applications and specialized tools. These sections will equip you with the tactics and tools necessary to exploit vulnerabilities specific to serverless architecture, thus providing a more rounded skill set.By the end of this cloud security book, you’ll not only have a comprehensive understanding of the standard approaches to cloud penetration testing but will also be proficient in identifying and mitigating vulnerabilities that are unique to cloud environments.
Cloud Security Automation. Get to grips with automating your cloud security on AWS and OpenStack
Prashant Priyam
Security issues are still a major concern forall IT organizations. For many enterprises,the move to cloud computing has raisedconcerns for security, but when applicationsare architected with focus on security,cloud platforms can be made just as secureas on-premises platforms. Cloud instancescan be kept secure by employing securityautomation that helps make your data meetyour organization's security policy.This book starts with the basics of whycloud security is important and howautomation can be the most effective wayof controlling cloud security. You willthen delve deeper into the AWS cloudenvironment and its security servicesby dealing with security functions suchas Identity and Access Managementand will also learn how these servicescan be automated. Moving forward,you will come across aspects suchas cloud storage and data security, automatingcloud deployments, and so on. Then,you'll work with OpenStack security modulesand learn how private cloud securityfunctions can be automated for bettertime- and cost-effectiveness. Toward the endof the book, you will gain an understandingof the security compliance requirementsfor your Cloud.By the end of this book, you will havehands-on experience of automating yourcloud security and governance.
Eyal Estrin
Securing cloud resources is no easy task—each provider has its unique set of tools, processes, and challenges, demanding specialized expertise. This book cuts through the complexity, delivering practical guidance on embedding security best practices across the core infrastructure components of AWS, Azure, and GCP. It equips information security professionals and cloud engineers with the skills to identify risks and implement robust security controls throughout the design, deployment, and maintenance of public cloud environments.Starting with the shared responsibility model, cloud service models, and deployment models, this book helps you get to grips with fundamental concepts such as compute, storage, networking, identity management, and encryption. You’ll then explore common threats and compliance requirements for cloud environments. As you progress, you'll implement security strategies across deployments ranging from small-scale environments to enterprise-grade production systems, including hybrid and multi-cloud setups.This edition expands on emerging topics like GenAI service security and DevSecOps, with hands-on examples leveraging built-in security features of AWS, Azure, and GCP.By the end of this book, you'll confidently secure any cloud environment with a comprehensive understanding of cloud security principles.
Nearchos Nearchou
In today’s world, the crime-prevention landscape is impossible to navigate. The dark web means new frontiers of combat against bad actors that pop up daily. Everyone from narcotics dealers to human traffickers are exploiting the dark web to evade authorities. If you want to find your feet in this tricky terrain and fight crime on the dark web, take this comprehensive, easy-to-follow cyber security guide with you.Combating Crime on the Dark Web contains everything you need to be aware of when tackling the world of the dark web. Step by step, you’ll gain acumen in the tactics that cybercriminals are adopting and be equipped with the arsenal of strategies that are available to you as a cybersecurity specialist.This cyber security book ensures that you are well acquainted with all the latest techniques to combat dark web criminality. After a primer on cybercrime and the history of the dark web, you’ll dive right into the main domains of the dark web ecosystem, reaching a working understanding of how drug markets, child pornography, and human trafficking operate. Once well-versed with the functioning of criminal groups, you’ll be briefed on the most effective tools and methods being employed by law enforcement, tech companies, and others to combat such crimes, developing both a toolkit and a mindset that can help you stay safe from such criminal activities and can be applied in any sector or domain. By the end of this book, you’ll be well prepared to begin your pushback against the criminal elements of the dark web.
Glen D. Singh
This book helps you to easily understand core networking concepts without the need of prior industry experience or knowledge within this fi eld of study. This updated second edition of the CompTIA Network+ N10-008 Certification Guide begins by introducing you to the core fundamentals of networking technologies and concepts, before progressing to intermediate and advanced topics using a student-centric approach.You’ll explore best practices for designing and implementing a resilient and scalable network infrastructure to support modern applications and services. Additionally, you’ll learn network security concepts and technologies to effectively secure organizations from cyber attacks and threats. The book also shows you how to efficiently discover and resolve networking issues using common troubleshooting techniques.By the end of this book, you’ll have gained sufficient knowledge to efficiently design, implement, and maintain a network infrastructure as a successful network professional within the industry. You’ll also have gained knowledge of all the official CompTIA Network+ N10-008 exam objectives, networking technologies, and how to apply your skills in the real world.
Ian Neil
CompTIA Security+ is a worldwide certification that establishes the fundamental knowledge required to perform core security functions and pursue an IT security career. CompTIA Security+ Certification Guide is a best-in-class exam study guide that covers all of CompTIA Security+ 501 exam objectives. It is authored by Ian Neil, who is a world-class trainer of CompTIA Security+ 501. Packed with self-assessment scenarios and realistic exam questions, this guide will help you master the core concepts to succeed in the exam the first time you take it. Using relevant examples, you will learn all the important security fundamentals from Certificates and Encryption to Identity and Access Management concepts. You will then dive into the important domains of the exam; namely, threats, attacks and vulnerabilities, technologies and tools, architecture and design, risk management, and cryptography and Public Key Infrastructure (PKI). This book comes with over 600 practice questions with detailed explanation that is at the exam level and also includes two mock exams to help you with your study plan. This guide will ensure that encryption and certificates are made easy for you.
Mark McGinley
Ace the globally recognized CompTIA Security+ SY0-701 certification exam by validating your expertise in essential cybersecurity concepts and practices through rigorously designed practice tests. Covering all the concepts tested in the CompTIA Security+ SY0-701 exam, this exam guide will help you evaluate your proficiency across five core security domains: general security concepts, threats and vulnerabilities with mitigations, security architecture, security operations, and program management.More than just another study guide, this book is a strategic preparation tool that focuses on assessing your retention of the material and evaluating your exam readiness rather than teaching theory. Packed with hundreds of expertly crafted questions, it mirrors the actual exam’s difficulty level and offers more than knowledge—you’ll develop the confidence and strategic thinking needed to excel on test day. To address the gaps in your knowledge, each question is paired with descriptive answers and in-depth explanations, transforming potential mistakes into powerful learning moments.By the end of this book, you’ll be primed to approach the CompTIA Security+ SY0-701 exam with the skills and expertise needed to succeed.